14
script
Customers follow Microsoft. doctor I create an object (data source, index, etc.) encrypted with a CMK, but I get a 500 Internal Server Error.
{‘error’:{‘code’:”,’message’:’Unable to wrap/unwrap encryption key using Key Vault key. {\\’Message\\’:\\’An error occurred.\\’}’}
possible cause
- The Key Vault host is invalid (e.g. invalid Key Vault domain).
- Action: Check keyVaultUri in Json payload.
- The Key Vault host cannot be accessed and retrieved. For example, a key vault has public network access disabled but no shared private link (SPL) configured in discovery.
- Action: Check. S.P.L. Configure or create an SPL.
If the Key Vault Uri is correct or accessible, the error message due to an incorrect Key Vault key name or version in the JSON payload is slightly different. The error message includes the full Key Vault key path.
{
“error”: {
“code”: “”,
“message”: “Key Vault key is not available. https://keyvaultname.vault.azure.net:443/keys/wrongkeyname Wrap/unwrap encryption keys. Key Vault key not found.”
}
}
